Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/66N3EQND1sjUmozxAsHIiHnUtjs.roa
File: 66N3EQND1sjUmozxAsHIiHnUtjs.roa (raw, json)
Hash identifier: Di4TJGLfsG6JOPILuSIhdo5LxtGZyeTeA1p/OJCQbVw=
Subject key identifier: EB:A3:77:11:03:43:D6:C8:D4:9A:8C:F1:02:C1:C8:88:79:D4:B6:3B
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 019D0FDFF8A83317BFE2F8D4C3E62DFB275B
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/66N3EQND1sjUmozxAsHIiHnUtjs.roa
Signing time: Sat 21 Mar 2026 10:10:29 +0000
ROA not before: Sat 21 Mar 2026 10:10:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208951
IP address blocks: 31.44.0.0/24 maxlen: 24
31.44.1.0/24 maxlen: 24
31.44.2.0/24 maxlen: 24
31.44.3.0/24 maxlen: 24
45.14.48.0/24 maxlen: 24
45.14.49.0/24 maxlen: 24
45.14.50.0/24 maxlen: 24
45.14.51.0/24 maxlen: 24
45.138.24.0/24 maxlen: 24
45.138.25.0/24 maxlen: 24
45.138.26.0/24 maxlen: 24
78.111.84.0/24 maxlen: 24
92.246.128.0/24 maxlen: 24
92.246.129.0/24 maxlen: 24
92.246.130.0/24 maxlen: 24
92.246.131.0/24 maxlen: 24
94.141.96.0/24 maxlen: 24
94.141.97.0/24 maxlen: 24
94.141.98.0/24 maxlen: 24
94.141.99.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
109.207.169.0/24 maxlen: 24
109.207.171.0/24 maxlen: 24
109.207.172.0/24 maxlen: 24
188.227.57.0/24 maxlen: 24
188.227.58.0/24 maxlen: 24
188.227.59.0/24 maxlen: 24
188.227.84.0/24 maxlen: 24
188.227.85.0/24 maxlen: 24
188.227.86.0/24 maxlen: 24
188.227.87.0/24 maxlen: 24
188.227.106.0/24 maxlen: 24
188.227.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:df:f8:a8:33:17:bf:e2:f8:d4:c3:e6:2d:fb:27:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: Mar 21 10:10:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eba377110343d6c8d49a8cf102c1c88879d4b63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:59:f1:5d:84:32:e1:a7:06:16:94:46:09:
ad:73:82:7b:bc:4d:6f:ea:1f:0b:44:80:5a:e6:f5:
79:19:4c:7e:a3:b6:ec:dd:9f:0d:2d:38:ea:0a:4d:
c9:e1:89:d1:04:a2:73:f2:4b:2b:d4:e3:ce:af:0e:
6f:c8:0f:72:35:fe:fc:f8:6f:16:13:ea:ea:a1:69:
e1:3a:7e:1c:01:86:4d:c7:fc:ea:f2:b3:8c:bf:b3:
be:27:ad:48:cb:43:31:8b:ae:48:f5:bb:24:0b:26:
aa:f5:cb:f9:0b:e1:80:45:64:4e:bb:ca:22:36:8e:
07:d4:82:75:1e:d5:c0:e5:fc:82:04:14:b3:8b:ee:
45:83:01:36:d3:84:fa:61:f0:17:78:0f:44:f9:4a:
f1:2f:78:f4:f6:2c:56:66:6d:47:72:80:bb:a8:0c:
fe:96:67:34:75:4d:03:de:f7:a4:d2:fb:b9:36:38:
f7:ec:5c:e2:56:8f:84:30:d4:ad:77:0b:39:bb:79:
95:5b:26:0f:03:87:31:bd:e9:8f:54:96:43:2a:51:
cf:ef:77:7c:1c:a0:0f:8c:a8:be:a9:dd:3d:4b:29:
ab:40:c3:a8:ea:7f:79:8e:bc:85:25:78:99:4b:32:
57:99:a1:d4:b7:5b:1b:6a:63:c4:88:41:60:56:e4:
ab:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A3:77:11:03:43:D6:C8:D4:9A:8C:F1:02:C1:C8:88:79:D4:B6:3B
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/66N3EQND1sjUmozxAsHIiHnUtjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.0.0/22
45.14.48.0/22
45.138.24.0-45.138.26.255
78.111.84.0/24
92.246.128.0/22
94.141.96.0/22
109.207.168.0/23
109.207.171.0-109.207.172.255
188.227.57.0-188.227.59.255
188.227.84.0/22
188.227.106.0/23
Signature Algorithm: sha256WithRSAEncryption
44:35:85:40:96:4d:46:bc:06:17:de:a8:87:0b:c7:f7:f7:96:
d0:d9:fa:e1:3a:76:a9:78:61:fd:31:a5:a5:82:e6:f0:ad:22:
05:64:52:10:98:e6:61:9c:30:dd:10:62:d8:27:5a:63:36:9f:
e3:35:ff:96:96:5c:be:ec:97:20:e8:b3:dd:49:1f:b9:24:65:
7d:df:06:42:d5:4c:f6:6f:38:54:83:cf:30:b3:f3:57:96:c2:
00:5f:b8:18:54:7d:65:f8:61:83:c1:ec:bd:83:08:7d:25:ca:
ca:78:ff:4e:5b:08:a4:fc:cc:ea:f4:9e:53:9c:1c:f7:fe:30:
a1:79:ca:a8:1d:7e:bd:0f:51:52:8e:d7:c1:a3:da:70:03:ee:
35:2a:69:8d:ff:f5:82:62:7d:56:72:df:00:26:d3:d2:d0:07:
d4:68:5a:91:6b:f9:44:5a:18:f2:d0:a1:0a:45:f8:26:6c:7f:
b4:6d:44:8e:c6:2e:ea:48:fd:13:1b:50:39:b9:12:e6:43:94:
76:06:d3:4c:4e:93:aa:1c:a6:2e:70:16:49:00:7d:4c:ac:0e:
0c:7b:ca:08:40:6e:c5:2a:44:4f:20:03:3e:40:a2:e8:59:17:
c4:0f:e4:a1:86:60:e7:5a:05:21:67:56:b6:65:28:38:60:ac:
5a:fe:7c:2d
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ0P3/ioMxe/4vjUw+Yt+ydbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjYwMzIxMTAxMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmEzNzcxMTAzNDNkNmM4ZDQ5YThjZjEwMmMxYzg4ODc5ZDRiNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaNZ8V2EMuGnBhaURgmtc4J7vE1v
6h8LRIBa5vV5GUx+o7bs3Z8NLTjqCk3J4YnRBKJz8ksr1OPOrw5vyA9yNf78+G8W
E+rqoWnhOn4cAYZNx/zq8rOMv7O+J61Iy0Mxi65I9bskCyaq9cv5C+GARWROu8oi
No4H1IJ1HtXA5fyCBBSzi+5FgwE204T6YfAXeA9E+UrxL3j09ixWZm1HcoC7qAz+
lmc0dU0D3vek0vu5Njj37FziVo+EMNStdws5u3mVWyYPA4cxvemPVJZDKlHP73d8
HKAPjKi+qd09SymrQMOo6n95jryFJXiZSzJXmaHUt1sbamPEiEFgVuSrgwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFOujdxEDQ9bI1JqM8QLByIh51LY7MB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvNjZOM0VRTkQxc2pVbW96eEFzSElpSG5VdGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCHywAAwQC
LQ4wMAwDBAMtihgDBAAtihoDBABOb1QDBAJc9oADBAJejWADBAFtz6gwDAMEAG3P
qwMEAG3PrDAMAwQAvOM5AwQCvOM4AwQCvONUAwQBvONqMA0GCSqGSIb3DQEBCwUA
A4IBAQBENYVAlk1GvAYX3qiHC8f395bQ2frhOnapeGH9MaWlgubwrSIFZFIQmOZh
nDDdEGLYJ1pjNp/jNf+Wlly+7Jcg6LPdSR+5JGV93wZC1Uz2bzhUg88ws/NXlsIA
X7gYVH1l+GGDwey9gwh9JcrKeP9OWwik/Mzq9J5TnBz3/jChecqoHX69D1FSjtfB
o9pwA+41KmmN//WCYn1Wct8AJtPS0AfUaFqRa/lEWhjy0KEKRfgmbH+0bUSOxi7q
SP0TG1A5uRLmQ5R2BtNMTpOqHKYucBZJAH1MrA4Me8oIQG7FKkRPIAM+QKLoWRfE
D+ShhmDnWgUhZ1a2ZSg4YKxa/nwt
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:14:11 2026 by rpki-client